CN115688195A

CN115688195A - Block access control method, authentication method, device, equipment and storage medium

Info

Publication number: CN115688195A
Application number: CN202211611832.8A
Authority: CN
Inventors: 杨健伟; 徐霞; 张社丽; 侯晓博
Original assignee: Shenzhen Landray Software Co ltd
Current assignee: Shenzhen Landray Software Co ltd
Priority date: 2022-12-15
Filing date: 2022-12-15
Publication date: 2023-02-03
Anticipated expiration: 2042-12-15
Also published as: CN115688195B

Abstract

The embodiment of the invention provides a block access control method, an authentication method, a device, equipment and a storage medium, and relates to the technical field of artificial intelligence. The block access control method comprises the steps of obtaining a target authority of a user and a block authority of each service block, obtaining a merging authority of each service block according to the target authority and the block authority, removing duplication of the merging authority to obtain a de-duplication authority of the merging authority, obtaining authority information of each service block according to the de-duplication authority and the length of the merging authority, and displaying the target service block of the user according to the authority information. According to the method and the device, the target authorities and the block authorities do not need to be compared one by one, so that the time for comparing the authorities is shortened, and the problem that the response time is too slow due to authority access is avoided. The target service blocks corresponding to different users can be displayed for different users, rendering of all the service blocks is avoided, meanwhile, interference information of a display interface is reduced, and access efficiency of a service system is improved.

Description

Block access control method, authentication method, device, equipment and storage medium

Technical Field

The present invention relates to the field of internet technologies, and in particular, to a block access control method, an authentication method, an apparatus, a device, and a storage medium.

Background

The service system is used for realizing service management and information management standardization, and can efficiently process or display service related information. For example, when handling office business, the business system is an office system; when processing information presentation services such as news, the service system may be a web portal system or the like.

In the related art, a plurality of service blocks are integrated in a service system to meet different service requirements, and usually, the same service requirement may need a plurality of different service blocks to be implemented. Different users have different service requirements, and further, different users have different service block use requirements, so that different service blocks all contain independent access right information. However, in the related art, different user display interfaces include all service blocks, each service block needs to be authenticated, and when there are many service blocks, the authentication time is long, which results in long user waiting time and low access efficiency.

Disclosure of Invention

The embodiments of the present application mainly aim to provide a block access control method, an authentication method, an apparatus, a device, and a storage medium, so as to adaptively display a service block and improve the access efficiency of a page.

In order to achieve the above object, a first aspect of the embodiments of the present application provides a block access control method, which is applied to a network page display system, where a page displayed by the network page display system includes multiple service blocks, and service blocks displayed to users with different permissions are different, and the method includes:

acquiring a target authority of a user;

acquiring the block authority of each service block;

obtaining the merging authority of each service block according to the target authority and the block authority;

removing the duplication of the merging authority to obtain the duplication removing authority of the merging authority;

acquiring authority information of each service block according to the length of the de-duplication authority and the length of the merging authority;

and displaying the target service block of the user according to the authority information.

In one embodiment, the block permissions include at least one user permission; the obtaining of the merging authority of each service block according to the target authority and the block authority comprises:

generating a first permission array;

converting the target authority and each block authority into a preset format to obtain a target authority parameter and a block authority parameter;

and storing the target authority parameters and the block authority parameters into the first authority array to obtain the merging authority.

In an embodiment, the performing deduplication on the merge right to obtain a deduplication right of the merge right includes:

generating a deduplication authority array, wherein the deduplication authority array comprises a first deduplication authority array;

and storing the target permission parameters and the block permission parameters in the merging permission in the first deduplication permission array according to a first preset storage rule to obtain the deduplication permission.

In an embodiment, the storing the target permission parameter and the block permission parameter in the merge permission in the first deduplication permission array according to a first preset storage rule includes:

acquiring a first storage element value, wherein the first storage element value is the target authority parameter or the block authority parameter acquired according to a preset sequence;

comparing the first storage element value with the values of the array elements in the first deduplication permission array, if no duplication exists, writing the first storage element value into the first deduplication permission array according to the numerical value, and adding one to the array size of the first deduplication permission array;

otherwise, the first storage element value is not written.

In one embodiment, the deduplication rights array further comprises a second deduplication rights array; if the total length of the elements in the first deduplication permission array is larger than a preset storage length:

and storing the target permission parameters and the block permission parameters in the merging permission in the second deduplication permission array according to a second preset storage rule to obtain the deduplication permission.

In an embodiment, the storing the target permission parameter and the block permission parameter in the merge permission in the second deduplication permission array includes:

acquiring a second storage element value, wherein the second storage element value is the target permission parameter or the block permission parameter;

acquiring a preset coding value of the second storage element value;

comparing the preset coding value with the preset coding value of the array element in the second deduplication permission array, and if the duplication does not exist, writing the value of the second storage element into the second deduplication permission array, wherein the array size of the second deduplication permission array is increased by one;

otherwise, the second storage element value is not written.

In an embodiment, the obtaining the permission information of each service block according to the lengths of the deduplication permission and the merge permission includes:

acquiring a first array length of the merging authority;

acquiring a second array length of the deduplication permission;

if the length of the first array is larger than that of the second array, the authority information is that the access authority exists;

and if the length of the first array is equal to the length of the second array, the permission information is no access permission.

In an embodiment, the displaying the target service block of the user according to the permission information includes:

acquiring authority information of each service block;

taking the service block with the access authority as a target service block;

generating layout information according to the target business block;

and displaying the target service block according to the layout information.

In an embodiment, the acquiring the target authority of the user includes:

acquiring login information of a user;

acquiring a user number of the user according to the login information;

and acquiring the target permission according to the user number.

In an embodiment, the obtaining the block right of each service block includes:

acquiring a display sequence of the service blocks;

and obtaining the block authority of each service block according to the display sequence.

In an embodiment, before obtaining the block right of each service block, the method further includes:

acquiring configuration rights, wherein the configuration rights comprise: a first right and/or a second right;

and generating the block authority according to the configuration authority.

In order to achieve the above object, a second aspect of the embodiments of the present application provides an authentication method, including:

acquiring a target authority of a user;

acquiring the block authority of each service block;

and obtaining the authority information of each service block according to the lengths of the de-duplication authority and the merging authority.

In order to achieve the above object, a third aspect of the embodiments of the present application provides a block access control device, which is applied to a network page presentation system, where a page presented by the network page presentation system includes a plurality of service blocks, and the service blocks presented to users with different permissions are different, the device includes:

a target authority acquisition unit: the system is used for acquiring the target authority of a user;

a block authority acquisition unit: the block authority used for obtaining each service block;

a merging authority unit: the merging authority is used for obtaining the merging authority of each service block according to the target authority and the block authority;

an authority deduplication unit: the de-duplication module is used for de-duplicating the merging authority to acquire the de-duplication authority of the merging authority;

an authority information determination unit: the authority information of each service block is obtained according to the lengths of the de-duplication authority and the merging authority;

a service block display unit: and the target service block is used for displaying the target service block of the user according to the authority information.

In order to achieve the above object, a fourth aspect of the embodiments of the present application provides an electronic device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the method of the first aspect or the second aspect when executing the computer program.

To achieve the above object, a fifth aspect of embodiments of the present application proposes a storage medium, which is a computer-readable storage medium, and stores a computer program, and the computer program, when executed by a processor, implements the method of the first aspect or the second aspect.

According to the block access control method, the authentication method, the device, the equipment and the storage medium, the target authority of the user and the block authority of each service block are obtained, the merging authority of each service block is obtained according to the target authority and the block authority, the merging authority is deduplicated to obtain the deduplication authority of the merging authority, the authority information of each service block is obtained according to the length of the deduplication authority and the merging authority, and the target service block of the user is displayed according to the authority information. According to the method and the device, the authority information is obtained according to the array length relation between the de-duplication authority and the merging authority, the target authority and the block authority do not need to be compared one by one, the authority comparison time is further shortened, and the phenomenon that response time is too slow due to authority access is avoided. And the target service block is obtained according to the target authority of the user, so that the corresponding target service block can be displayed for display interfaces of different users. On one hand, the display interface of each user is prevented from rendering all the service blocks, and the rendering time is reduced; and on the other hand, the interference information of the display interface is reduced, so that a user can quickly select a target service block according to requirements, and the access efficiency of a service system is improved.

Drawings

Fig. 1 is a schematic view of a service block of an application scenario in a block access control method according to an embodiment of the present invention.

FIGS. 2 a-2 c are schematic diagrams of user interface displays of different users in the application scenario of FIG. 1.

Fig. 3 is a flowchart of a block access control method according to an embodiment of the present invention.

Fig. 4 is a schematic diagram illustrating a correspondence relationship between a user and a department in another application scenario in the block access control method according to the embodiment of the present invention.

Fig. 5 is a schematic diagram of a service block in the application scenario of fig. 4.

Fig. 6 is a flowchart of step S110 in fig. 3.

Fig. 7 is a flowchart of step S120 in fig. 3.

Fig. 8 is a flowchart of step S130 in fig. 3.

Fig. 9 is a flowchart of step S140 in fig. 3.

Fig. 10 is a flowchart of step S142 in fig. 9.

Fig. 11 is a flowchart of a block access control method according to another embodiment of the present invention.

Fig. 12 is a flowchart of step S150 in fig. 3.

Fig. 13 is a flowchart of step S160 in fig. 3.

FIGS. 14 a-14 b are schematic diagrams of different user display interfaces in the application scenario of FIG. 4.

Fig. 15 is a flowchart of an authentication method according to an embodiment of the present invention.

Fig. 16 is a block diagram of a block access control device according to another embodiment of the present invention.

Fig. 17 is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

It is noted that while functional block divisions are provided in device diagrams and logical sequences are shown in flowcharts, in some cases, steps shown or described may be performed in sequences other than block divisions within devices or flowcharts.

Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein is for the purpose of describing embodiments of the invention only and is not intended to be limiting of the invention.

The service system is used for realizing service management and information management standardization, and can efficiently process or display service related information. For example, when handling office business, the business system is an office system; when processing information presentation service such as news, the service system may be a web portal system or the like.

In the related art, a plurality of service blocks are integrated in a service system to meet different service requirements, and usually, the same service requirement may need a plurality of different service blocks to be implemented. Different users have different service requirements, and further, different users have different service block use requirements, so that different service blocks all contain independent access right information. However, in the related art, different user display interfaces include all service blocks, each service block needs to be authenticated, and when there are many service blocks, the authentication time is long, which results in long waiting time and low access efficiency for the user. Meanwhile, when the user accesses the unauthorized block, an unauthorized prompt is displayed, and at the moment, re-selection needs to be returned, so that the user can hardly select the target service block quickly.

Based on this, embodiments of the present invention provide a block access control method, an authentication method, an apparatus, a device, and a storage medium, where authority information is obtained according to an array length relationship between a deduplication authority and a merge authority, and it is not necessary to compare target authorities and block authorities one by one, so as to reduce time for comparing authorities and avoid too slow response time due to authority access. And the target service block is obtained according to the target authority of the user, so that the corresponding target service block can be displayed for display interfaces of different users. On one hand, the display interface of each user is prevented from rendering all the service blocks, and the rendering time is reduced; and on the other hand, the interference information of the display interface is reduced, so that a user can quickly select a target service block according to requirements, and the access efficiency of a service system is improved.

Embodiments of the present invention provide a block access control method, an authentication method, an apparatus, a device, and a storage medium, which are described in detail with reference to the following embodiments, and first describe the block access control method in the embodiments of the present invention.

The block access control method provided by the embodiment of the invention can be applied to a terminal, a server side and a computer program running in the terminal or the server side. For example, the computer program may be a native program or a software module in an operating system; the Application program may be a local (Native) Application program (APP), that is, a program that needs to be installed in an operating system to be run, such as a client supporting block access control, or an applet, that is, a program that needs to be downloaded to a browser environment to be run; but also an applet that can be embedded into any APP. In general, the computer programs described above may be any form of application, module or plug-in. Wherein the terminal communicates with the server via a network. The block access control method may be performed by a terminal or a server, or may be performed by cooperation of the terminal and the server.

In some embodiments, the terminal may be a smartphone, tablet, laptop, desktop computer, smart watch, or the like. In addition, the terminal can also be an intelligent vehicle-mounted device. The intelligent vehicle-mounted equipment provides relevant services by applying the block access control method of the embodiment, and driving experience is improved. The server can be an independent server, and can also be a cloud server providing basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, content Delivery Network (CDN), big data and artificial intelligence platform and the like; or may be service nodes in a blockchain system, where a Peer-To-Peer (P2P) network is formed among the service nodes in the blockchain system, and the P2P Protocol is an application layer Protocol operating on a Transmission Control Protocol (TCP). The server may be installed with a server of the block access control system, and the server may interact with the terminal through the server, for example, corresponding software is installed on the server, and the software may be an application for implementing the block access control method, but is not limited to the above form. The terminal and the server may be connected through communication connection manners such as bluetooth, USB (Universal Serial Bus), or network, which is not limited herein.

The invention is operational with numerous general purpose or special purpose computing system environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like. The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

In order to facilitate understanding of the embodiments of the present application, the following briefly introduces a procedure of block access control in conjunction with an example of a specific application scenario.

First, the block access control method of this embodiment may be applied to a network page display system, where a page displayed by the network page display system includes a plurality of service blocks, and the service blocks displayed by users with different permissions are different. It is understood that the web page presentation system may be an online web page system or a local client system. The network page display system is used as a service system for realizing service management and information management standardization and can efficiently process or display service related information. For example, when handling office business, the business system is an office system; when processing information presentation service such as news, the service system may be a web portal system or the like.

In an application scenario of an office system, referring to fig. 1, the office system includes 3 service blocks, which are: block 1, block 2 and block 3, the service blocks that different users can access are different, for example, the visitors to block 1 are: user 1, user 3, and user 4; the visitors to Block 2 are: user 1, user 2, and user 4; the visitors to Block 3 are: user 2 and user 3. Then, the access control method in the embodiment of the present application is applied to perform access control, and a service block is adaptively displayed for each user, referring to fig. 2a, a user interface of a user 1 displays a block 1 and a block 2. Referring to fig. 2b, the user interface of user 2 displays tile 2 and tile 3. Referring to fig. 2c, the user interface of user 3 displays tile 1 and tile 3. Referring to FIG. 2a, a user interface of user 4, such as user 1, also displays tile 1 and tile 2.

The block access control method in the embodiment of the present invention is described below.

Fig. 3 is an alternative flowchart of a block access control method according to an embodiment of the present invention, and the method in fig. 1 may include, but is not limited to, steps S110 to S160. Meanwhile, it is understood that, in this embodiment, the sequence from step S110 to step S160 in fig. 3 is not specifically limited, and the step sequence may be adjusted or some steps may be reduced or increased according to actual requirements.

Step S110: and acquiring the target authority of the user.

Step S120: and acquiring the block authority of each service block.

For example, referring to fig. 4, the scenario includes five business departments, and the department IDs of the five business departments are: a department B1, a department B2, and a department B3.

Where each department contains 4 users, it is possible that a user belongs to multiple departments due to business intersection, for example, a financial user belongs to the marketing department and the financial department. Referring to fig. 4, the correspondence between the user and the department is:

department B1 contains users as: a user A1, a user A2, a user A3 and a user A4;

department B2 contains users as: user A2, user A4, user A5, and user A6;

department B3 contains users as: user A4, user A7, user A8, and user A9;

in one embodiment, A1, A2, \ 8230, A9, above, are user IDs, and in this scenario, the user ID of each user is unique and non-repeating.

Fig. 5 is a schematic diagram of a service block in the above scenario. The scene comprises 3 service blocks, namely a block Q1, a block Q2 and a block Q3, wherein each service block comprises different authority information for carrying out authority limitation on different users.

Wherein, the block Q1 has authority to all users in the department B3, so the block authority of the block Q1 is represented as: A4B3, A7B3, A8B3, and A9B3.

The block Q2 has authority over part of users in the department B2 and the department B3, such as the user A2 and the user A4 in the department B2, and the user A8 and the user A9 in the department B3, so the block authority of the block Q2 is expressed as: A2B2, A4B2, A8B3, and A9B3.

The block Q3 has authority over all users in the department B1 and some users in the department B2, such as the user A5 and the user A6 in the department B2, so the block authority of the block Q3 is expressed as: A1B1, A2B1, A3B1, A4B1, A5B2, and A6B2.

From the above, the target permissions of different users in this scenario are:

the target rights of the user A1 include: A1B1;

the target rights of the user A2 include: A2B1 and A2B2;

the target rights of the user A3 include: A3B1;

the target permissions of user A4 include: A4B1, A4B2 and A4B3;

the target permissions of user A5 include: A5B2;

the target permissions of user A6 include: A6B2;

the target permissions of user A7 include: A7B3;

the target permissions of user A8 include: A8B3;

the target rights of the user A9 include: and A9B3.

As can be seen from the above, different users include different departments of authority, corresponding to different service block authorities, so in an embodiment, a database for storing user information in advance may be established, where the database includes the corresponding relationship between the user ID and the department ID and the block authority of each service block. In this embodiment, a unique user ID and a unique department ID may be used to generate a corresponding string key as the blocking right according to a key generation rule, where the string may be a number of an integer, and the obtained blocking right is uniquely distinguishable.

It should be understood that the format of the block authority is only illustrated, and the embodiment of the present application does not limit the specific format of the block authority.

In an embodiment, the process of establishing the database for storing the user information in advance specifically includes: firstly, the configuration authority of each service block is obtained, and then the block authority for each service block is generated according to the configuration authority. The configuration rights here include: the system comprises a first authority and/or a second authority, wherein the first authority is the authority of the service block to different departments, and the second authority is the authority of the service block to different users. Therefore, in an embodiment, when configuring the block authority of a certain service block, the authorities of all users in the department may be used as a part of the block authority according to the department authority, or the authority of a user may be directly used as a part of the block authority.

As can be seen from the above, the block authority of each service block in the embodiment of the present application includes authority information of different users.

In an embodiment, referring to fig. 6, which is a flowchart illustrating a specific implementation of step S110 in an embodiment, in this embodiment, the step S110 of obtaining the target authority of the user includes:

step S111: and obtaining login information of the user.

In one embodiment, the login information of the user may be an account password or auxiliary information for performing authentication, such as face recognition, fingerprint recognition, and the like, which is negotiated with the user and recorded in the database.

Step S112: and acquiring the user number of the user according to the login information.

In an embodiment, the database stores a mapping relationship between the login information and the user number, and the login information according to the above steps can obtain a uniquely determined user number, where the user number may be the user ID in fig. 4.

Step S113: and acquiring the target authority according to the user number.

In an embodiment, the target permission is formed by acquiring the related permissions of all the service blocks under the user number according to the user number.

In an embodiment, referring to fig. 7, which is a flowchart illustrating a specific implementation of step S120 in an embodiment, in the embodiment, the step S120 of obtaining the blocking right of each service block includes:

step S121: and acquiring the display sequence of the service blocks.

Step S122: and obtaining the block authority of each service block according to the display sequence.

In an embodiment, the block permission of the service block may be obtained according to a preset display order. For example, the display order may be from top to bottom, and the same row may be from left to right, and the display order is not specifically limited in this embodiment.

From the above, the target authority of the user is obtained for the user, and the block authority of the service block is obtained for the service block.

Step S130: and obtaining the merging authority of each service block according to the target authority and the block authority.

In an embodiment, referring to fig. 8, which is a flowchart illustrating a specific implementation of step S130 in an embodiment, in the embodiment, the step S130 of obtaining the merge right of each service block according to the target right and the block right includes:

step S131: a first permission array is generated.

In one embodiment, a corresponding first permission array is generated for each service block for storing target permissions and block permissions.

Step S132: and converting the target authority and the block authority of each service block into a preset format to obtain a target authority parameter and a block authority parameter.

In one embodiment, the target permissions and the blocking permissions may be converted to a format that facilitates storage of the array, i.e., a predetermined format, for example, the predetermined format may be an integer value, for storage in the array. And after format conversion, obtaining a corresponding target permission parameter according to the target permission, and obtaining a corresponding block permission parameter according to the block permission. It will be appreciated that if the block rights and target rights themselves satisfy the format of the array store, the preset format is its own data format.

Step S133: and storing the target authority parameters and the block authority parameters into a first authority array to obtain merging authority.

In an embodiment, the target permission parameters and the block permission parameters with the appropriate formats are stored in the first permission array one by one to obtain the merging permission.

With reference to fig. 4 and 5, the user A2 and the user A4 will be described as an example.

The block right of block Q1 is represented as: A4B3, A7B3, A8B3, and A9B3; the block right of block Q2 is represented as: A2B2, A4B2, A8B3, and A9B3; the block right for block Q3 is represented as: A1B1, A2B1, A3B1, A4B1, A5B2, and A6B2.

For user A2, the target permissions of user A2 include: A2B1 and A2B2, thus:

the merge rights array for block Q1 is represented as: { A4B3, A7B3, A8B3, A9B3, A2B1, A2B2};

the merge right for block Q2 is represented as: { A2B2, A4B2, A8B3, A9B3, A2B1, A2B2};

the merge right for block Q3 is represented as: { A1B1, A2B1, A3B1, A4B1, A5B2, A6B2, A2B1, A2B2}.

For user A4, the target permissions of user A4 include: A4B1, A4B2, and A4B3, thus:

the merge rights array for block Q1 is represented as: { A4B3, A7B3, A8B3, A9B3, A4B1, A4B2, A4B3};

the merge right for block Q2 is represented as: { A2B2, A4B2, A8B3, A9B3, A4B1, A4B2, A4B3};

the merge right for block Q3 is represented as: { A1B1, A2B1, A3B1, A4B1, A5B2, A6B2, A4B1, A4B2, A4B3}.

It can be understood that, the above block right and target right, that is, the block right parameter and target right parameter after format conversion, are only illustrated in this embodiment, and are not limited in particular.

As can be seen from the above, for the user, each service block can obtain a merge right.

Step S140: and removing the duplicate of the merging authority to obtain the duplicate removal authority of the merging authority.

In an embodiment, referring to fig. 9, which is a flowchart illustrating a specific implementation of step S140 in an embodiment, in the embodiment, the step S140 of performing deduplication on merge permissions to obtain deduplication permissions of the merge permissions includes:

step S141: and generating a deduplication authority array.

In one embodiment, the merge permission deduplication employs the data format of Redis Set, thus generating a deduplication permission array of the Set data format. Because the data format of the Redis Set comprises two data formats, one is the IntSet data format, and the other is the HashTable data format, the deduplication authority array comprises a first deduplication authority array and a second deduplication authority array.

Step S142: and storing the target permission parameters and the block permission parameters in the merging permission in a first de-duplication permission array according to a first preset storage rule to obtain de-duplication permission.

In one embodiment, the first preset storage rule includes two defining conditions, and the first defining condition is: if the target authority parameters and the block authority parameters can be converted into Int integer types, storing the target authority parameters and the block authority parameters in the duplication elimination authority array in the IntSet data format; the second limiting condition is: when the total length of the elements in the first deduplication authority array needs to be less than or equal to a preset storage length.

In an embodiment, referring to fig. 10, which is a flowchart illustrating a specific implementation of step S142 in an embodiment, in this embodiment, the step S142 of storing the target permission parameter and the block permission parameter in the merge permission in the first deduplication permission array according to a first preset storage rule to obtain the deduplication permission includes:

step S1421: a first storage element value is obtained.

In an embodiment, the first storage element value is a target permission parameter or a block permission parameter obtained according to a preset sequence, where the preset sequence is obtained by arranging the target permission parameter and the block permission parameter in a descending order, that is, the target permission parameter or the block permission parameter is obtained as the first storage element value in a descending order.

Step S1422: and comparing the value of the first storage element with the value of the array element in the first deduplication permission array, and judging whether writing is needed or not.

In an embodiment, if there is no duplication between the first storage element value and the value of the group element in the first deduplication right array, the first storage element value is written into the first deduplication right array according to the value size, and the array size of the first deduplication right array is incremented by one. Otherwise, the first storage element value is not written.

In one embodiment, the first deduplication right data is an array in the IntSet data format. The Int set array stores Int integer data, and when the Int set array stores Int integer data, the Int set array stores Int integer data in order, for example, according to the index of the array, the data value is changed from small to large.

The foregoing deduplication process is described below with reference to fig. 4 and fig. 5, taking the permission check process of the user A2 on the block Q2 as an example.

The merge right for block Q2 is represented as: { A2B2, A4B2, A8B3, A9B3, A2B1, A2B2}, assuming that the values in the merge right for block Q2 are arranged from small to large:

{A2B2，A2B2，A2B1，A8B3，A4B2，A9B3}。

a first deduplication authority array for block Q2 is constructed, denoted as S2.

The first step is as follows:

S2={}

the second step is that:

the first storage element value is: A2B2, which is written in S2, S2= { A2B2}.

The third step:

the first storage element value is: A2B2, which is compared with the array element A2B2 in S2, and if a duplicate is found, then the first memory element value of this step is not written, and S2= { A2B2}.

The fourth step:

the first storage element value is: A2B1, which is compared with the tuple element A2B2 in S2 and found not to be repeated, writes the first storage element value of this step, S2= { A2B2, A2B1}.

The fifth step:

the first storage element value is: and A8B3, comparing it with the array elements A2B2 and A2B1 in S2 one by one, and if no duplication is found, writing the first storage element value in this step, S2= { A2B2, A2B1, A8B3}.

And a sixth step:

the first storage element value is: A4B2, which is compared with the array elements A2B2, A2B1, and A8B3 in S2 one by one, and if no duplication is found, the first storage element value of this step is written, and S2= { A2B2, A2B1, A8B3, A4B2}.

The seventh step:

the first storage element value is: A9B3, which is compared one by one with the array elements A2B2, A2B1, A8B3 and A4B2 in S2, and if no duplication is found, the first memory element value of this step is written, S2= { A2B2, A2B1, A8B3, A4B2, A9B3}.

Thus, a first deduplication right array S2 of the block Q2 is obtained, which is expressed as: s2= { A2B2, A2B1, A8B3, A4B2, A9B3}, where the elements in the first deduplication authority array S2 are arranged from small to large according to the array subscript, the array element values are also arranged from small to large, and there are no duplicate array elements.

In the above process, if one of the two limiting conditions in the first preset storage rule is not satisfied, for example, the target authority parameter and the block authority parameter cannot be converted into Int integer type, or the length of the element in the first deduplication authority array needs to be greater than the preset storage length. And storing the target permission parameters and the block permission parameters in the merging permission in a second deduplication permission array according to a second preset storage rule to obtain deduplication permissions, wherein the data format of the second deduplication permission array is a HashTable data format.

In an embodiment, when the deduplication authority array is deduplicated, format conversion is performed on the target authority parameter and the block authority parameter stored in the array, if the target authority parameter and the block authority parameter can be converted into an Int type, the Int type is stored in a first deduplication authority array IntSet, and if the target authority parameter and the block authority parameter cannot be converted into the format, the IntSet is stored in a second deduplication authority array in a HashTable data format. In addition, because the IntSet data format has a limit on the number of the stored array elements, if the total length of the array elements stored in the IntSet data format reaches a preset storage length, the subsequent storage is stored in the HashTable data format.

It will be appreciated that the length of the elements of the array in the first deduplication rights array is not equal to the number of elements in the first deduplication rights array. For example, if the array elements in the first deduplication authority array are Int16 type integers, the length of each array element is 16, and if 5 array elements are included, the total length of the array elements in the first deduplication authority array is 16 × 5=80.

In an embodiment, the preset storage length is 512, that is, when the total length of the array elements of the first deduplication permission array is greater than 512, the subsequent target permission parameters or block permission parameters are stored in the second deduplication permission array in a HashTable data format.

In an embodiment, referring to fig. 11, the process of storing the target permission parameter and the block permission parameter in the merge permission in the second deduplication permission array according to the second preset storage rule to obtain the deduplication permission includes the following steps.

Step S1110: a second storage element value is obtained.

In an embodiment, the second deduplication permission array is an array stored in a HashTable form, wherein the second storage element value is a target permission parameter or a block permission parameter.

Step S1120: a preset encoding value of the second storage element value is obtained.

In an embodiment, the predetermined code value is a hash value of the target privilege parameter or the block privilege parameter calculated according to a predetermined hash function. In this embodiment, the hash value is used to calculate a storage location of the corresponding second storage element value in the second deduplication authority array.

Step S1130: and comparing the preset code value with the preset code value of the array element in the second deduplication authority array, and judging whether to write in.

In an embodiment, the preset encoding values, namely hash values, of all array elements in the second deduplication permission array are obtained first, and the preset encoding values of the second storage element values and the preset encoding values of other array elements in the second deduplication permission array are not repeated, so that the second storage element values are written into the second deduplication permission array, and the array size of the second deduplication permission array is increased by one; otherwise, the second storage element value is not written.

It is understood that through the above process, the deduplication permission array obtained using the Redis Set data format does not contain duplicate elements. Because Redis Set utilizes the hash table to calculate, the hash table is actually a one-dimensional array, the data structure solves the defects of the addition and deletion elements of the array and the query efficiency of the linked list, corresponding data can be found only by calculating the hash value once during calculation, and if the hash values are the same, the linked list is returned, and the elements of the linked list are compared. Therefore, the processing efficiency can be improved by obtaining the deduplication permission array by using the Redis Set data format.

Step S150: and obtaining the authority information of each service block according to the lengths of the de-duplication authority and the combination authority.

In an embodiment, referring to fig. 12, which is a flowchart illustrating a specific implementation of step S150 in an embodiment, in this embodiment, the step S150 of obtaining the authority information of each service block according to the lengths of the deduplication authority and the merge authority includes:

step S151: and acquiring the first array length of the merging authority.

Step S152: and acquiring the second array length of the deduplication authority.

Step S153: and if the length of the first array is larger than that of the second array, the authority information is that the access authority exists.

Step S154: and if the first array length is equal to the second array length, the permission information is no access permission.

In an embodiment, if a certain service block has an authority to a user, the block authority of the service block includes a target authority of the user to the service block, and therefore the merge authority includes the block authority of the service block and the target authority of the user, and the deduplication authority array of the service block obtained after deduplication is performed by using the above process does not include repeated array elements, so it can be understood that if a certain service block has an authority to a user, the merge array includes two sets of same target authorities, and the deduplication authority array includes one set of target authorities.

For example, in an embodiment, the user A2 and the user A4 are taken as examples for explanation with reference to the above embodiment.

For user A2, the target permissions of user A2 include: A2B1 and A2B2, thus:

the merge rights array for block Q1 is represented as: { A4B3, A7B3, A8B3, A9B3, A2B1, A2B2}, the deduplication rights array is represented as: { A4B3, A7B3, A8B3, A9B3, A2B1, A2B2}.

The merge right for block Q2 is represented as: { A2B2, A4B2, A8B3, A9B3, A2B1, A2B2}, the deduplication authority array is represented as: { A2B2, A4B2, A8B3, A9B3, A2B1}.

The merge right for block Q3 is represented as: { A1B1, A2B1, A3B1, A4B1, A5B2, A6B2, A2B1, A2B2}, the deduplication rights array is represented as: { A1B1, A2B1, A3B1, A4B1, A5B2, A6B2, A2B2}.

As can be seen from the above, for the user A2, the first array length of the merge right array of the block Q1 is 6, and the second array length of the deduplication right array is 6; the first array length of the merging permission array of the block Q2 is 6, and the second array length of the de-duplication permission array is 5; the first array length of the merge rights array of block Q3 is 8, and the second array length of the deduplication rights array is 7.

the merge rights array for block Q1 is represented as: { A4B3, A7B3, A8B3, A9B3, A4B1, A4B2, A4B3}, the deduplication rights array is represented as: { A4B3, A7B3, A8B3, A9B3, A4B1, A4B2}.

The merge right for block Q2 is represented as: { A2B2, A4B2, A8B3, A9B3, A4B1, A4B2, A4B3}, the deduplication authority array is represented as: { A2B2, A4B2, A8B3, A9B3, A4B1, A4B3}.

The merge right for block Q3 is represented as: { A1B1, A2B1, A3B1, A4B1, A5B2, A6B2, A4B1, A4B2, A4B3}, the deduplication authority array is represented as: { A1B1, A2B1, A3B1, A4B1, A5B2, A6B2, A4B2, A4B3}.

For the user A4, the first array length of the merging authority array of the block Q1 is 7, and the second array length of the deduplication authority array is 6; the first array length of the merging permission array of the block Q2 is 7, and the second array length of the de-duplication permission array is 6; the first array length of the merge right array of block Q3 is 9, and the second array length of the deduplication right array is 8.

As can be seen from the above, for the user A2, if the first array length of the block Q1 is equal to the second array length, there is no access right to the service block; if the first array length of the block Q2 is greater than the second array length, the access authority to the service block is 5; if the first array length of the block Q3 is greater than the second array length, there is access right to the service block.

For the user A4, if the first array length of the block Q1 is greater than the second array length, the service block has access right; if the first array length of the block Q2 is larger than the second array length, the service block has access right; if the first array length of the block Q3 is larger than the second array length, the service block has access right.

In the related art, for example, since the permissions of the service blocks for different users are different in a plurality of service blocks included in an interface of a portal website, each service block needs to record information of all users having access permissions, and different users may have the permissions of a plurality of service blocks, therefore, when the permissions are verified, multiple sets of permission information are compared and confirmed, the comparison period is long, different service blocks are independently calculated, so that calculation needs to be performed for a long time during access, and page rendering is performed on all blocks after calculation is completed, which takes a long time. When a portal or an office system is developed in a browser by adopting Javascript language, because the Javascript language structure brings the problem of slow traversal speed, if the data volume of a user is large, the calculation time consumption is multiplied along with the increase of the data volume, the long-time no response even the thread blocks a page white screen, the sound process of large data volume cannot be received in the page, the user waiting time is long, and the use experience of the user is influenced.

According to the embodiment of the application, whether the user has the access right to the service block is indirectly obtained by comparing the first array length of the combined right with the second array length of the duplication removal right, the traditional mode that the target right of the user is searched one by one in each block right is not directly known whether the user has the right, the size of the array is only required to be judged, the calculation speed can be greatly increased, the CPU utilization rate is reduced, and only the service block with the right of the user is subjected to targeted rendering, so that the access efficiency is further improved, and the effects of enabling the page not to be blocked, not to be blank and quickly rendering are achieved.

In an embodiment, the operation efficiency of the indirect method for knowing whether the user has the access right to the service block in the embodiment of the present application and the direct method in the related art are compared, and the following table is referred to.

Data volume	Original time (ms)	Consumption time (ms)	Multiplying power
				100	0.53	0.15	3.53
1000	2.18	0.19	11.47
				3000	11.21	1.17	9.58
8000	81.03	3.31	24.28
				13000	171.88	5.35	32.13
20000	414.09	7.51	55.21
				50000	2390.23	21.63	110.51
80000	5522.79	35.52	155.48
				100000	7908.37	48.05	164.59
200000	19941.56	91.36	218.27
				1000000	576969.13	468.4	1231.79

As can be seen from the above table, the time consumption of the indirect method in the embodiment of the present application is much lower than that of the direct search method in the related art, and along with the increase of the data volume, the time consumption optimization is gradually obvious, that is, the optimization magnification is higher and higher.

Step S160: and displaying the target service block of the user according to the authority information.

In an embodiment, referring to fig. 13, which is a flowchart illustrating a specific implementation of step S160 in an embodiment, in the embodiment, the step S160 of displaying the target service block of the user according to the permission information includes:

step S161: and acquiring the authority information of each service block.

In an embodiment, the permission information of the service block, that is, the access permission of the user to the service block, includes an access permission and no access permission.

Step S162: and taking the service block with the access authority as a target service block.

In an embodiment, according to the access authority of the user to the service block, the service block with the access authority of the user is screened as a target service block.

Step S163: and generating layout information according to the target service block.

Step S164: and displaying the target service block according to the layout information.

In an embodiment, since each user may display different target service blocks, the layout information of a corresponding number is preset according to the number of the target service blocks, for example, when there is only one target service block, the layout information may be: the up-down direction and the left-right direction of the target service block are both centered, or the left-right direction of the target service block is centered and the top of the up direction is arranged. If there are two target service blocks, the layout information may be: the two target service blocks are centered up and down, equally spaced in the left and right directions, or equally spaced up and down, and centered in the left and right directions. In an embodiment, a plurality of sets of layout information may also be generated in advance according to the number and size of the service blocks, and after the number of the target service blocks is obtained in the above steps, the target service blocks are displayed according to the preset layout information. It can be understood that, in order to improve the rendering speed, the target service block may also be displayed at the position of the target service block under the original layout of all the service blocks, and the layout information of the target service block is not specifically limited in this embodiment.

Referring to fig. 14a, a display interface of the user A2 in the above embodiment is shown, and fig. 14b is a display interface of the user A4.

Since user A2 has no access to tile Q1, access is granted to tiles Q2 and Q3. User A4 has access to tile Q1, tile Q2, and tile Q3. Thus, FIG. 14a shows the tile Q2 and the tile Q3 for the user A2, and FIG. 14b shows the tile Q1, the tile Q2 and the tile Q3 for the user A4.

According to the technical scheme provided by the embodiment of the invention, the target authority of the user and the block authority of each service block are obtained, the merging authority of each service block is obtained according to the target authority and the block authority, the de-duplication authority is carried out on the merging authority so as to obtain the de-duplication authority of the merging authority, the authority information of each service block is obtained according to the de-duplication authority and the length of the merging authority, and the target service block of the user is displayed according to the authority information.

According to the method and the device, the authority information is obtained according to the array length relation between the de-duplication authority and the merging authority, the target authority and the block authority do not need to be compared one by one, the time for comparing the authorities is further shortened, and the phenomenon that response time is too slow due to authority access is avoided. And the target service block is obtained according to the target authority of the user, so that the corresponding target service block can be displayed for display interfaces of different users. On one hand, the display interface of each user is prevented from rendering all the service blocks, and the rendering time is reduced; and on the other hand, the interference information of the display interface is reduced, so that a user can quickly select a target service block according to requirements, and the access efficiency of a service system is improved.

The embodiment of the present invention further provides an authentication method, referring to fig. 15, the method flow includes:

step S1510: acquiring a target authority of a user;

step S1520: acquiring the module authority of each service module;

step S1530: obtaining the merging authority of each service module according to the target authority and the module authority;

step S1540: removing the duplicate of the merging authority to obtain the duplicate removal authority of the merging authority;

step S1550: and obtaining the authority information of each service module according to the lengths of the de-duplication authority and the combination authority.

It can be understood that the authentication method of the embodiment of the present application can be used in a plurality of service systems, and the service systems include different service modules. The service module may be a service block as in the foregoing embodiment, or may be a function module inside the service system, and the permissions of the users are different, which correspond to different accessible service modules, so that the authorization method of this embodiment may be used to perform fast authorization on the permissions of different blocks or function modules, thereby improving the access efficiency of the service system.

For example, when the authentication method of the embodiment of the present application can be applied to the network page display system, the specific implementation is substantially the same as the specific implementation of the block access control method, and for related descriptions, reference is made to the description of the foregoing embodiment, which is not repeated herein.

An embodiment of the present invention further provides a block access control device, which can implement the block access control method described above, and with reference to fig. 16, the block access control device includes:

the target authority acquisition unit 1610: for obtaining the target rights of the user.

The block right acquiring unit 1620: for obtaining the block right of each service block.

Merge permissions unit 1630: and the merging authority is used for obtaining the merging authority of each service block according to the target authority and the block authority.

Authority deduplication unit 1640: and the device is used for removing the duplicate of the merging authority so as to obtain the duplicate removal authority of the merging authority.

Authority information determination unit 1650: and the method is used for obtaining the authority information of each service block according to the lengths of the de-duplication authority and the merging authority.

Service block display unit 1660: and the target service block is used for displaying the target service block of the user according to the authority information.

The specific implementation of the block access control apparatus in this embodiment is substantially the same as the specific implementation of the block access control method, and is not described herein again.

An embodiment of the present invention further provides an electronic device, including:

at least one memory;

at least one processor;

at least one program;

the programs are stored in the memory, and the processor executes the at least one program to implement the block access control method of the present invention as described above. The electronic device can be any intelligent terminal including a mobile phone, a tablet computer, a Personal Digital Assistant (PDA for short), a vehicle-mounted computer and the like.

Referring to fig. 17, fig. 17 illustrates a hardware structure of an electronic device according to another embodiment, where the electronic device includes:

the processor 1701 may be implemented by a general CPU (central processing unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits, and is configured to execute a related program to implement the technical solution provided in the embodiment of the present invention;

the memory 1702 may be implemented in the form of a ROM (read only memory), a static storage device, a dynamic storage device, or a RAM (random access memory). The memory 1702 may store an operating system and other application programs, and when the technical solution provided in this embodiment is implemented by software or firmware, the relevant program codes are stored in the memory 1702, and the processor 1701 invokes the block access control method according to the embodiment of the present invention;

an input/output interface 1703 for inputting and outputting information;

a communication interface 1704, configured to implement communication interaction between the device and another device, where the communication may be implemented in a wired manner (e.g., USB, network cable, etc.), or in a wireless manner (e.g., mobile network, WIFI, bluetooth, etc.); and

a bus 1705 that transfers information between various components of the device (e.g., the processor 1701, the memory 1702, the input/output interface 1703, and the communication interface 1704);

wherein the processor 1701, the memory 1702, the input/output interface 1703 and the communication interface 1704 realize communication connections with each other inside the device through the bus 1705.

An embodiment of the present application further provides a storage medium, where the storage medium is a computer-readable storage medium, and the storage medium stores a computer program, and the computer program, when executed by a processor, implements the block access control method.

The memory, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. Further, the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory located remotely from the processor, and these remote memories may be connected to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

According to the block access control method, the block access control device, the electronic equipment and the storage medium, the target authority of the user and the block authority of each service block are obtained, the merging authority of each service block is obtained according to the target authority and the block authority, the merging authority is deduplicated to obtain the deduplication authority of the merging authority, the authority information of each service block is obtained according to the deduplication authority and the length of the merging authority, and the target service block of the user is displayed according to the authority information. According to the method and the device, the authority information is obtained according to the array length relation between the de-duplication authority and the merging authority, the target authority and the block authority do not need to be compared one by one, the time for comparing the authorities is further shortened, and the phenomenon that response time is too slow due to authority access is avoided. And the target service block is obtained according to the target authority of the user, so that the corresponding target service block can be displayed for display interfaces of different users. On one hand, the display interface of each user is prevented from rendering all the service blocks, and the rendering time is reduced; and on the other hand, the interference information of the display interface is reduced, so that a user can quickly select a target service block according to requirements, and the access efficiency of a service system is improved.

The embodiments described in the embodiments of the present application are for more clearly illustrating the technical solutions of the embodiments of the present application, and do not constitute a limitation to the technical solutions provided in the embodiments of the present application, and it is obvious to those skilled in the art that the technical solutions provided in the embodiments of the present application are also applicable to similar technical problems with the evolution of technology and the emergence of new application scenarios.

It will be appreciated by those skilled in the art that the embodiments shown in the figures are not intended to limit the embodiments of the present application and may include more or fewer steps than those shown, or some of the steps may be combined, or different steps may be included.

The above-described embodiments of the apparatus are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may also be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

One of ordinary skill in the art will appreciate that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof.

The terms "first," "second," "third," "fourth," and the like in the description of the application and the above-described figures, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

It should be understood that in the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" is used to describe the association relationship of the associated object, indicating that there may be three relationships, for example, "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the above-described units is only one type of logical functional division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes multiple instructions for causing a computer device (which may be a personal computer, a server, or a network device) to perform all or part of the steps of the method of the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing programs, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

The preferred embodiments of the present application have been described above with reference to the accompanying drawings, and the scope of the claims of the embodiments of the present application is not limited thereto. Any modifications, equivalents and improvements that may occur to those skilled in the art without departing from the scope and spirit of the embodiments of the present application are intended to be within the scope of the claims of the embodiments of the present application.

Claims

1. A block access control method is applied to a network page display system, a page displayed by the network page display system comprises a plurality of service blocks, and the service blocks displayed by users with different authorities are different, and the method comprises the following steps:

acquiring a target authority of a user;

acquiring the block authority of each service block;

2. A block access control method as claimed in claim 1, wherein the block right comprises at least one user right; the obtaining of the merging authority of each service block according to the target authority and the block authority comprises:

generating a first permission array;

3. A block access control method as claimed in claim 2, wherein said removing the duplicate of the merged right to obtain the duplicate right of the merged right comprises:

4. A block access control method as claimed in claim 3, wherein the storing the target right parameter and the block right parameter in the merge right in the first deduplication right array according to a first preset storage rule comprises:

comparing the first storage element value with the values of the array elements in the first deduplication authority array, if no duplication exists, writing the first storage element value into the first deduplication authority array according to the size of the value, and adding one to the size of the array of the first deduplication authority array;

otherwise, the first storage element value is not written.

5. A block access control method as claimed in claim 3, wherein the deduplication rights array further comprises a second deduplication rights array; if the total length of the elements in the first deduplication authority array is larger than a preset storage length:

6. A block access control method as claimed in claim 5, wherein the step of storing the target permission parameter and the block permission parameter in the merge permission in the second deduplication permission array comprises:

acquiring a second storage element value, wherein the second storage element value is the target authority parameter or the block authority parameter;

acquiring a preset coding value of the second storage element value;

otherwise, the second storage element value is not written.

7. A block access control method as claimed in claim 1, wherein said obtaining the permission information of each service block according to the lengths of the de-duplication permission and the merge permission comprises:

acquiring a first array length of the merging authority;

acquiring a second array length of the deduplication authority;

8. A block access control method as claimed in claim 7, wherein said displaying the target service block of the user according to the authority information comprises:

acquiring authority information of each service block;

taking the service block with the access authority of the authority information as a target service block;

generating layout information according to the target business block;

and displaying the target service block according to the layout information.

9. A block access control method as claimed in any one of claims 1 to 8, wherein said obtaining target permissions of users comprises:

acquiring login information of a user;

acquiring a user number of the user according to the login information;

and acquiring the target permission according to the user number.

10. A block access control method according to any of claims 1 to 8, wherein said obtaining block right of each service block comprises:

acquiring a display sequence of the service blocks;

11. A block access control method according to any one of claims 1 to 8, wherein before obtaining block permissions for each service block, the method further comprises:

and generating the block authority according to the configuration authority.

12. An authentication method, comprising:

acquiring a target authority of a user;

acquiring the module authority of each service module;

obtaining the merging authority of each service module according to the target authority and the module authority;

and obtaining the authority information of each service module according to the length of the de-duplication authority and the length of the combination authority.

13. A block access control device is applied to a network page display system, a page displayed by the network page display system comprises a plurality of service blocks, and the service blocks displayed by users with different authorities are different, the device comprises:

a block right acquisition unit: the block authority is used for acquiring the block authority of each service block;

14. An electronic device, characterized in that the electronic device comprises a memory and a processor, the memory stores a computer program, and the processor implements the block access control method of any one of claims 1 to 11 or the authentication method of claim 12 when executing the computer program.

15. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the block access control method of any one of claims 1 to 11, or the authentication method of claim 12.